I used to work at a pharmaceutical company that would spend $30,000, $50,000 on various scientific equipment, then hook it up to an 8 yr old Dell, that only had IE 8 on it. They were risking their intellectual property and reducing employee productivity to save a fraction of a percent of their yearly spending.

Hopefully as older people retire and die off a younger generation of finance professionals will take over who understand the value and necessity of maintaining a reasonably up to date IT infrastructure.

When I was young I dreamed of making a living building and selling software products but now that I grew up I seriously doubt there's a chance little firms can possibly survive in such a hostile environment.

You build something useful. Customers like it. You make sure the security is tight. You sell a few thousand copies and then, when you least expect it, KBLAM! someone figures a way to stick a virus in it. You stop development, write a patch and warn your customers. Then, they stick another one.

The moral of the story seems to be that you work hard but you make sure you only achieve limited success. Too much success gets undesirable attention. Quite a conundrum.

I used to work at a pharmaceutical company that would spend $30,000, $50,000 on various scientific equipment, then hook it up to an 8 yr old Dell, that only had IE 8 on it. They were risking their intellectual property and reducing employee productivity to save a fraction of a percent of their yearly spending.

Hopefully as older people retire and die off a younger generation of finance professionals will take over who understand the value and necessity of maintaining a reasonably up to date IT infrastructure.

Often that very expensive equipment only has an RS-232 connection, and doesn't work with a USB to RS-232 adapter and anything later than Windows XP. So you'll need an 8 year old computer, it's very difficult to find a new system that has a hardware RS-232 port anymore.

I used to work at a pharmaceutical company that would spend $30,000, $50,000 on various scientific equipment, then hook it up to an 8 yr old Dell, that only had IE 8 on it. They were risking their intellectual property and reducing employee productivity to save a fraction of a percent of their yearly spending.

Hopefully as older people retire and die off a younger generation of finance professionals will take over who understand the value and necessity of maintaining a reasonably up to date IT infrastructure.

Often that very expensive equipment only has an RS-232 connection, and doesn't work with a USB to RS-232 adapter and anything later than Windows XP. So you'll need an 8 year old computer, it's very difficult to find a new system that has a hardware RS-232 port anymore.

If they can spend $50K on the equipment, they can shell out $50 for a real serial port.

We had the same problem, new Win7 computers, old equipment, USB cable not working. We went to Fry's and $49.98 later, walla, we had 4 real serial ports.

Edit: I also had to create a Virtual Box to run the compiler for the same piece of equipment since it wouldn't install on Windows7, but admittedly I didn't have to use the RS-232 port from the VM to talk to the hardware. That piece of code worked under Win7.

I used to work at a pharmaceutical company that would spend $30,000, $50,000 on various scientific equipment, then hook it up to an 8 yr old Dell, that only had IE 8 on it. They were risking their intellectual property and reducing employee productivity to save a fraction of a percent of their yearly spending.

Hopefully as older people retire and die off a younger generation of finance professionals will take over who understand the value and necessity of maintaining a reasonably up to date IT infrastructure.

Tell me about it. I work IT support for a University department and often times see labs spend up to $200,000 on a microscope or some other research equipment only to hook it up to a 10+ year old computer. I don't mind supporting old equipment when money is tight but it gets rather annoying when you know they have the money available but just don't view new computers as a priority.

Hopefully as older people retire and die off a younger generation of finance professionals will take over who understand the value and necessity of maintaining a reasonably up to date IT infrastructure.

Really? Really? How do you know it isn't (let me be just as idiotic) careless inexperienced new college hires responsible for this? Going to say something racist, misogynist, or religiously intolerant next are you?

Age-ist crap aside, the last time I checked it is the IT department, not Finance that makes these kinds of decisions. This has to be one of the dumbest comments I've ever seen on Ars. And an Editor's Pick too?

The article isn't clear on whether they are targeting Department of Energy computers or the personal computers of Department of Energy employees. If it is the latter, then maintaining a secure system is the employee's responsibility. On the other hand, these systems are also less likely to contain classified data. (I've heard that the aerospace industry is very finicky about how data is handled. I don't see why the standards would be any lower for the nuclear industry.)

Hopefully as older people retire and die off a younger generation of finance professionals will take over who understand the value and necessity of maintaining a reasonably up to date IT infrastructure.

Really? Really? How do you know it isn't (let me be just as idiotic) careless inexperienced new college hires responsible for this? Going to say something racist, misogynist, or religiously intolerant next are you?

Age-ist crap aside, the last time I checked it is the IT department, not Finance that makes these kinds of decisions. This has to be one of the dumbest comments I've ever seen on Ars. And an Editor's Pick too?

Ars what are you thinking of?

For the last few shops that I worked in, my experience was thus: IT requests it, Management and Finance hem and haw and shoot it down.

The only time I have not seen Finance shoot it down is when IT forced the issue by consulting Legal. Legal did an estimate done for how much the company would lose if the security risk was not resolved, Management shit itself and IT's requests were miraculously approved.

I used to work at a pharmaceutical company that would spend $30,000, $50,000 on various scientific equipment, then hook it up to an 8 yr old Dell, that only had IE 8 on it. They were risking their intellectual property and reducing employee productivity to save a fraction of a percent of their yearly spending.

Hopefully as older people retire and die off a younger generation of finance professionals will take over who understand the value and necessity of maintaining a reasonably up to date IT infrastructure.

Tell me about it. I work IT support for a University department and often times see labs spend up to $200,000 on a microscope or some other research equipment only to hook it up to a 10+ year old computer. I don't mind supporting old equipment when money is tight but it gets rather annoying when you know they have the money available but just don't view new computers as a priority.

Conversely though my University upgraded twice in 3 years from Win7 to Win8 (ew) and from E8500's to i5s. The thing that really got me was these one were for general browsing/general computer labs and the i5 is pretty overkill. I think they probably did it when the E8500 warranty ran out and they could still trade them in. I think it would be better though to buy say an extra 10% (or other percent) more units and swap out dead one's themselves.

I used to work at a pharmaceutical company that would spend $30,000, $50,000 on various scientific equipment, then hook it up to an 8 yr old Dell, that only had IE 8 on it. They were risking their intellectual property and reducing employee productivity to save a fraction of a percent of their yearly spending.

Hopefully as older people retire and die off a younger generation of finance professionals will take over who understand the value and necessity of maintaining a reasonably up to date IT infrastructure.

Often that very expensive equipment only has an RS-232 connection, and doesn't work with a USB to RS-232 adapter and anything later than Windows XP. So you'll need an 8 year old computer, it's very difficult to find a new system that has a hardware RS-232 port anymore.

never seen pcie serial port cards ?available with drivers for mac ,win7 ,win8 and linuxcan get a few with solaris drivers.

They even work nicely in a thunderbolt pcie expansion case (with mac minis)

What are problems are instruments where they ship a pc with it and they don't get upgraded/can't be upgraded.Some sems shipped with nt4. Newer ones ship with windows 7 or redhat.

Unis here usually lease most of their computers and its a real fight to buy a pc except if you are using research funds. Problem is a lot of the time they don't only upgrade the software once a year or once a semester.Here they've only just finished rolling out windows 7 with sp1 and most staff machines are lucky to get patched more than once a year unless you get local admin rights

Hopefully as older people retire and die off a younger generation of finance professionals will take over who understand the value and necessity of maintaining a reasonably up to date IT infrastructure.

Really? Really? How do you know it isn't (let me be just as idiotic) careless inexperienced new college hires responsible for this?

Sticking with antiquated tech is a disease which affects mid-to-late career IT person: everything is better than what they started with back, it's familiar, why change? This is not to say that everyone does it but simply that in 17 years of IT work, I've never once seen someone young sandbagging upgrades. This is one way you can tell the n-years of experience types from the one year n times crowd: the latter still define success as only doing what you were doing before slightly faster / cheaper.

Now,if the problem was something like compromising the system by putting the latest shiny beta on before it was mature or disabling security measures in a mad rush to be first to deploy something new, well, that would most likely be your recent grad.

Don't I remember that there was a good chunk of the Microsoft code base that was heisted from a third party a few years ago?

Are these sorts of exploits taking advantage of that old code? (This kind of security is really outside my experience so I'm asking an honest question, not trolling.)

If so wouldn't Windows 7 & 8 with re-written browsers using new/improved software tools and libraries be less susceptible to attacks learned through access to the old code? I understand there will be new exploits since no one seems to be writing perfect bug-free code these days (or ever).

Sticking with antiquated tech is a disease which affects mid-to-late career IT person: everything is better than what they started with back, it's familiar, why change? This is not to say that everyone does it but simply that in 17 years of IT work, I've never once seen someone young sandbagging upgrades. This is one way you can tell the n-years of experience types from the one year n times crowd: the latter still define success as only doing what you were doing before slightly faster / cheaper.

Now,if the problem was something like compromising the system by putting the latest shiny beta on before it was mature or disabling security measures in a mad rush to be first to deploy something new, well, that would most likely be your recent grad.

I'd suggest that rather than make your assertion an absolute you make it a "possible" or even "likely". I imagine that having dealt with 20 years of new technology rollouts, and some of them going south in a big way, a senior IT admin might well want to move carefully, especially in Fortune 500 companies. Disasters tend to make conservatives of us all.

That said, I think you're more correct than wrong, especially as the pace accelerates. It's the challenge of the good manager to self-evaluate. Of course this is probably just as difficult as it is to recognize that you are impaired by drugs or technology.

Not sure if a sandbox approach would have helped here, but you certainly can't rely on a sandbox to work every time, can you? Seems like a false sense of security, again... Remember when we thought Norton would protect us? Don't think a software solution is the way...

Often that very expensive equipment only has an RS-232 connection, and doesn't work with a USB to RS-232 adapter and anything later than Windows XP. So you'll need an 8 year old computer, it's very difficult to find a new system that has a hardware RS-232 port anymore.

it is easy to get hardware PCI based RS232 ports and even my laptop has a PCI express hardware port that I run in Windows 8.

I used to work at a pharmaceutical company that would spend $30,000, $50,000 on various scientific equipment, then hook it up to an 8 yr old Dell, that only had IE 8 on it. They were risking their intellectual property and reducing employee productivity to save a fraction of a percent of their yearly spending.

Hopefully as older people retire and die off a younger generation of finance professionals will take over who understand the value and necessity of maintaining a reasonably up to date IT infrastructure.

Often that very expensive equipment only has an RS-232 connection, and doesn't work with a USB to RS-232 adapter and anything later than Windows XP. So you'll need an 8 year old computer, it's very difficult to find a new system that has a hardware RS-232 port anymore.

If they can spend $50K on the equipment, they can shell out $50 for a real serial port.

We had the same problem, new Win7 computers, old equipment, USB cable not working. We went to Fry's and $49.98 later, walla, we had 4 real serial ports.

Edit: I also had to create a Virtual Box to run the compiler for the same piece of equipment since it wouldn't install on Windows7, but admittedly I didn't have to use the RS-232 port from the VM to talk to the hardware. That piece of code worked under Win7.

PC to instrument connections can be a real problem. The instruments last longer than a version of windows. I had used some gear in 2000 that ran on WFW 3.11. The gear was about $150k at time of purchase.

I work HR for the Forest Service, we're just now moving from XP to Win7 and we're running IE8, even on the machines that have been moved to Win7. From what I've heard we're only upgrading to Win7 because Microsoft isn't going to be providing support for XP past next summer.

I work HR for the Forest Service, we're just now moving from XP to Win7 and we're running IE8, even on the machines that have been moved to Win7. From what I've heard we're only upgrading to Win7 because Microsoft isn't going to be providing support for XP past next summer.

That is how it is with my company. We have legacy software involving government contracts and it's very expensive to make the transition to Windows 7.

I work HR for the Forest Service, we're just now moving from XP to Win7 and we're running IE8, even on the machines that have been moved to Win7. From what I've heard we're only upgrading to Win7 because Microsoft isn't going to be providing support for XP past next summer.

That is how it is with my company. We have legacy software involving government contracts and it's very expensive to make the transition to Windows 7.

I work HR for the Forest Service, we're just now moving from XP to Win7 and we're running IE8, even on the machines that have been moved to Win7. From what I've heard we're only upgrading to Win7 because Microsoft isn't going to be providing support for XP past next summer.

That is how it is with my company. We have legacy software involving government contracts and it's very expensive to make the transition to Windows 7.

Yes but why not Windows 8 because it is.....Superior to Windows 7?

We are not considering Windows 8 yet because we are dealing with compatibility issues that take years to figure out.

The focus for us is to get software to run on Windows 7. And that again, takes a very long time.

Hopefully as older people retire and die off a younger generation of finance professionals will take over who understand the value and necessity of maintaining a reasonably up to date IT infrastructure.

I'm in finance, and you have no idea about some of the stupid shit I see: IT related or not. There are a lot of really dumb, shortsighted people out there.

It does make you laugh when governments scrimp on IT. I work in the rn and we've just had brand new computers installed on our air squadron but the software? Windows xp and ie6 it makes me laugh that no one higher up ever realises how insecure this combination is but then again we leave laptops full of personal information on trains every now and again so I shouldn't be surprised.

the last time I checked it is the IT department, not Finance that makes these kinds of decisions

I want to live in your magical world

This. Where I work, they backed out of approving 10 new desktops to get everyone off XP before support ends. They've backed off 3 new servers to replace the 2 5-year old (and one 8+ years) servers that run the ERP systems. They don't have proper backups or any offsite backup whatsoever - nothing bad has happened yet, so why spend the money?

Oh, but a member of management read an article about the cloud and they are looking into moving to hosted Exchange...after we dropped $17k on a new server and Exchange 2010...which they were forced into when the Exchange 2003 server started dying last year.

This right around the same time they announced (to sales, not the peons) they just had their biggest, most profitable quarter in the history of the (10 year old) company. Sometimes I almost wish for the server room to catch fire to show them how stupid they're being.